Roles and Permissions – TAS E-Coach

Understanding User Roles and Permissions

How to optimally manage access and permissions in E-Coach

In E-Coach, user roles control which functions and areas a user can access. To ensure security and clarity, we distinguish between global administrative roles, operational roles, and basic roles.

Some operational roles are limited, which means that a so-called Scope (access area) must be defined for them.

🔍 What does "Limited Access" (Scope) mean?

Roles marked as Limited in the tables below do not automatically have access to all data in the system. A scope must strictly be set up for these users.

A scope defines the exact viewing and editing area of a user and grants access to:

• Specific projects and/or

• Specific groups/teams

Example: A "Coach" can only view and edit the coachings and evaluations for the teams or projects explicitly assigned to them via their scope.

🛡️ Administrative Roles (Global)

These roles are used for managing and configuring the system. They require no scope, as their management area relates to the global settings.

Role	Description
Super Administrator	Has complete access to all functions in the system. Can manage the SSO configuration as well as assign and revoke SuperAdmin roles to others.
User Administrator	Manages users in the system. Can assign roles, teams, and projects.
Structure Administrator	Manages teams and projects (the structure of the system). Note: Does not manage user assignments unless the role is combined with the User Administrator.
Content Administrator	Manages contact reasons (including project-related configuration, if applicable).
Evaluation Form Administrator	Manages evaluation forms and methods. Can view projects for assignments and configurations.

🎯 Operational Roles (Scope required)

These roles work actively with the data in the system (evaluations, coachings, reports). A scope (project/group) must strictly be assigned for all these roles.

Role	Access	Description
Coach	Limited	Creates and manages coachings as well as evaluations. Automatically includes all permissions of the Auditor role.
Auditor	Limited	Creates and manages evaluations. Has read access to supporting master data (such as projects, teams, users, evaluation forms, methods, contact reasons, and tasks).
Evaluator	Limited	Creates reports and can view evaluations as well as coachings.
Task Manager	Limited	Creates and manages tasks. Can view users and projects for assignments.

👤 Standard Roles

Role	Description
Basic User	Standard user with fundamental basic access. Usually has access to their own dashboard and their own personal performance data.

💡 Tip for assigning roles

Roles can be combined in many cases. If a user needs to manage the structure and assign users at the same time, for example, assign them both the Structure Administrator and the User Administrator.

Further Information

→ How do I assign a role to a user?

→ How do I set up a scope?

→ Overview: Managing projects and teams

Need further help? Contact our support